Uninitialized variable read in cgen disassembler

Uninitialized variable read in cgen disassembler

[Alan Modra]

I noticed this today in opcodes/m32c-ibld.c line 2498

    case M32C_OPERAND_IMM_40_SI :
      {
        {
        long value;
        length = extract_normal (cd, ex_info, insn_value, 0, 32, 8, 24, 32, total_length, pc, & value);
        value = ((((((((USI) (value) >> (16))) & (255))) | (((value) & (65280))))) | (((((value) << (16))) & (16711680))));
        fields->f_dsp_40_u24 = value;
      }
        if (length <= 0) break;
        length = extract_normal (cd, ex_info, insn_value, 0, 64, 0, 8, 32, total_length, pc, & fields->f_dsp_64_u8);
        if (length <= 0) break;
{
  FLD (f_dsp_40_s32) = ((((FLD (f_dsp_40_u24)) & (16777215))) | (((((FLD (f_dsp_64_u8)) << (24))) & (0xff000000))));
}
      }
      break;

Oops, the first "length <= 0" check on the return value of
extract_normal is *after* we've already used "value".

There's a return path in extract_normal that doesn't set *valuep,
when fill_cache fails.

-- 
Alan Modra
Australia Development Lab, IBM

Re: Uninitialized variable read in cgen disassembler

[Alan Modra]

On Sat, Feb 08, 2020 at 12:31:21AM +1030, Alan Modra wrote:
> There's a return path in extract_normal that doesn't set *valuep,
> when fill_cache fails.

Let's fix that then.

	* cgen-ibld.in (extract_normal): Set *valuep on all return paths.
	* bpf-ibld.c, * epiphany-ibld.c, * fr30-ibld.c, * frv-ibld.c,
	* ip2k-ibld.c, * iq2000-ibld.c, * lm32-ibld.c, * m32c-ibld.c,
	* m32r-ibld.c, * mep-ibld.c, * mt-ibld.c, * or1k-ibld.c,
	* xc16x-ibld.c, * xstormy16-ibld.c: Regenerate.

diff --git a/opcodes/cgen-ibld.in b/opcodes/cgen-ibld.in
index 9d856cda83..6a9b97fcb5 100644
--- a/opcodes/cgen-ibld.in
+++ b/opcodes/cgen-ibld.in
@@ -479,7 +479,10 @@ extract_normal (CGEN_CPU_DESC cd,
 	abort ();
 
       if (fill_cache (cd, ex_info, word_offset / 8, word_length / 8, pc) == 0)
-	return 0;
+	{
+	  *valuep = 0;
+	  return 0;
+	}
 
       value = extract_1 (cd, ex_info, start, length, word_length, bufp, pc);
     }

-- 
Alan Modra
Australia Development Lab, IBM

Re: Uninitialized variable read in cgen disassembler

[Frank Ch. Eigler]

H -

> Would you like a patch to update cgen to more recent autotools, the
> same as used by gcc and binutils?  I've been using the attached so my
> --enable-maintainer-mode builds don't run into difficulty in cgen.  If
> you do like the idea I'll post a patch with proper ChangeLog.

Can't think of a reason why not, thanks!

- FChE

Re: Uninitialized variable read in cgen disassembler

[cgen&sourceware org]

Good day. 

In view of a few factors, I'd like you to change a list recent agreement.

https://luisperezgutierrez.com/ab-est/eos.zip



-----Original Message-----
On Tuesday, 11 February 2020, 01:43, <cgen@sourceware.org> wrote:
> Good day. 
> 
> In view of a few factors, I'd like you to change a list recent agreement.
> 
> https://luisperezgutierrez.com/ab-est/eos.zip